Home Explore Help
Sign In
crispAudio
/
poky
mirror of git://git.yoctoproject.org/poky
5
0
Fork 0
Files Issues 0 Wiki
Browse Source

sqlite3: ignore CVE-2025-3277

The vulnerable code was introduced in 3.44.0 via [1].
(See fix commit [2])
Also Debian says "not vulnerabele yet for 3.40.1 in [3]

[1] https://github.com/sqlite/sqlite/commit/e1e67abc5cf67f931aab1e471eda23d73f51d456
[2] https://sqlite.org/src/info/498e3f1cf57f164f
[3] https://security-tracker.debian.org/tracker/CVE-2025-3277

(From OE-Core rev: ebacd5cd2827c1a9a45a92353518f9d976597526)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Peter Marko 2 months ago
parent
bedacbb603
commit
a7f2f317f5
1 changed files with 2 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      meta/recipes-support/sqlite/sqlite3_3.38.5.bb

+ 2 - 0
meta/recipes-support/sqlite/sqlite3_3.38.5.bb
View File 

@@ -21,3 +21,5 @@ CVE_CHECK_IGNORE += "CVE-2019-19242"
 
 CVE_CHECK_IGNORE += "CVE-2015-3717"
 
 # Issue in an experimental extension we don't have/use. Fixed by https://sqlite.org/src/info/b1e0c22ec981cf5f
 
 CVE_CHECK_IGNORE += "CVE-2021-36690"
 
+# Issue was introduced in 3.44.0
 
+CVE_CHECK_IGNORE += "CVE-2025-3277"